Currently my server doesn't support mutual authentication.<br>But i would like to test my client certificate so i was thinking to use eapol_test against freeradius. By any chance do you know how to set freeradius for TTLS mutual authentication?<br>
<br><br><div class="gmail_quote">On Fri, Jun 13, 2008 at 2:34 PM, Jouni Malinen <<a href="mailto:j@w1.fi">j@w1.fi</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Fri, Jun 13, 2008 at 11:30:08AM +0200, Dana Blanaru wrote:<br>
<br>
> I've just found out about the eapol_tool that can be used against freeradius<br>
> server.<br>
> I want to test EAP-TTLS using mutual authentication in phase1 (client<br>
> authenticates also with an certificate).<br>
<br>
</div><div class="Ih2E3d">> My question: what do I have to add to this file in order to have two<br>
> way authentication?<br>
<br>
</div>Assuming you can configure your server to request client authentication<br>
during TLS handshake in EAP-TTLS, you would just need to add private key<br>
and client certificate configuration (client_cert, private_key, and<br>
private_key_passwd, if needed) in the network block for eapol_test.<br>
<font color="#888888"><br>
--<br>
Jouni Malinen PGP id EFC895FA<br>
_______________________________________________<br>
HostAP mailing list<br>
<a href="mailto:HostAP@lists.shmoo.com">HostAP@lists.shmoo.com</a><br>
<a href="http://lists.shmoo.com/mailman/listinfo/hostap" target="_blank">http://lists.shmoo.com/mailman/listinfo/hostap</a><br>
</font></blockquote></div><br>